We welcome you to our website. We would like to inform you about the management of your personal data in accordance with Art. 13 General Data Protection Regulation (GDPR).
The controller responsible for the described data collection and processing is named as follows:
Books on Demand GmbH
In de Tarpen 42
Phone: +49(0) 40 534335-0
Storage of Your IP address
We store the IP address transmitted by your web browser strictly for the purpose of identifying, restricting and eliminating attacks on our website. The legal basis for the processing of this personal data is provided for in Art. 6 para. 1 s. 1 lit. f GDPR.
When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set contains:
The listed usage data is stored anonymously.
To avoid unauthorized access to your data, we have implemented technical and organizational measures. We use encryption technologies on our website. Your data will be transferred to our servers and back again via a connection that is protected by a TLS encryption technology. You can recognize that you are browsing on an encryption secured website by the lock-symbol shown in the address bar of your browser and by the address bar starting with https://.
Data Transfer to Third Parties and to Third Countries (Non-EU-Countries)
We transfer your data to service providers supporting us in the operation of our website (e.g. hosting-service providers, maintenance, web analytics service providers, call center) and the associated processes. Furthermore, we transfer your data to newsletter service providers and service providers supporting us in the shipping process e.g. logistics companies and payment service providers. This transference is made under the scope of a data processing agreement in accordance to Art. 28 GDPR. Our service providers are bound to us by strict instructions and contractual obligations.
In some cases, we may transfer personal data to third countries outside the EU. In each case, we ensure an appropriate level of data protection according to European standards.
In the case of Google Analytics (USA), Google+ (USA) and Google Adwords (USA) an appropriate level of data protection is ensured by the corresponding participation in the Privacy Shield Agreement (Art. 45 para. 1 GDPR). The same applies to Salesforce (USA) and Twitter (USA).
We use Google Analytics to create pseudonymous user profiles for improving and designing our website on demand. Google Analytics uses “cookies”, which are text files placed on your end device and can be read by us. In this way, we are able to recognize and count returning visitors. This data processing is carried out on the basis of Art. 6 para. 1 s. 1 lit. f GDPR or § 15 para. 3 TMG and in the interest of finding out how often our website is viewed by different users.
The information generated by the cookies about your use of the website will be transmitted to and stored by Google on its servers in the United States. We have activated IP-anonymization on this website, your IP address will be truncated within the area of Member States of the European Union. Only in exceptional cases is the whole IP address transferred to a Google server in the USA and truncated there (an adequate level of data protection is ensured according to Art. 45 para. 1 GDPR because Google is a participant in the Privacy Shield Agreement). We have also concluded a contract with Google Inc. (USA) for contract data processing pursuant to Art. 28 GDPR. Accordingly, Google will solely use collected data for the purposes intended, which are to evaluate the use of the website and to compile reports on website activities.
You can withdraw your consent to the processing at any time. Please use one of the following options:
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to opting out from being tracked by Google Analytics you can also click the following link. An opt-out cookie will be stored, which means that no web analysis will take place as long as the opt-out cookie is stored by your browser.
You can contact us via our web contact form. In order to use our contact form we require your name and your email-address. You may provide us with further information, but you are not obligated to do so.
The legal basis for processing is Art. 6 para. 1 s. 1 lit. a GDPR. We use your data exclusively for the processing of your request and delete them after 30 days. The data is not transmitted to third parties.
Social Media Plugins
We do integrate social media plugins of the social media service Twitter directly into our website. This service is provided by Twitter Inc. (“Provider”). Twitter is run by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). You can find an overview of the Twitter-Buttons and its design on: https://twitter.com/about/resources/buttons.
If a page on our website visited by you contains such a social media plugin, your browser establishes a connection to the Twitter servers. The content of the social media plugin will be directly transmitted to your browser by the respective provider and integrated in the page. The Provider receives the information that your browser has accessed the respective page of our website via the embedded social media plugin even though you do not own an account or are not logged in. This information (including your IP address) will be directly transmitted from your browser to the Provider in the US and stored by the Provider.
If you are logged into this service, the Provider can immediately link your visit to our website to your Twitter profile. When you interact with these social media plugins, e.g. by confirming the “Twitter”-Button, the respective information will also be directly transmitted to the Providers’ server and thereby stored. The information will also be published in your Twitter account and displayed to your contacts.
You can find out about the purpose and scope of the data collection and any further processing and usage of the data by the Provider as well as your rights and configuration options regarding your protection of privacy at the Providers data protection notice:
Twitter’s data protection notice: https://twitter.com/privacy
If you do not want Twitter to match the data collected via our website directly to your Twitter profile, you have to log out of Twitter before accessing our website. You can also completely prevent any loading of the social media plugins by installing Add-Ons for your browser, e.g. the Script-Blocker “NoScript” (http://noscript.net/).
Google Adwords Conversion Tracking and Remarketing
We use Google Retargeting Technologies.
We use Google’s retargeting technologies in order to offer you advertising, on other websites, that is tailored to your interests. Data processing is carried out on the basis of Art. 6 para. 1 s. 1 lit. a GDPR.
When you visit our website, recognition features of your browser or end device are retrieved, your IP address is evaluated or a recognition feature is stored as a small text file (e. g. so-called third-party cookie) on your end device. Furthermore, it is possible that Google connects your visit of our website with your usage behavior which is recorded when you visit various websites. The characteristics are designed pseudonymously. If you are logged in with your Google account, these features can be assigned directly to your profile. Google can link and store your visits to our web pages with your features to display targeted advertising on other Internet sites and can also identify your previous visit to our web page.
Your device and your browser will be recognized by Google, e.g. when you visit a page that displays advertisements on Google’s behalf.
We may add keywords to our webpages that contain statements about the content of the website, such as offered products. Google receives these keywords which contain neither personal nor sensitive information. When you visit a page with certain keywords related to products, Google stores them and assigns them to your pseudonymous recognition features. Google can use this link to determine whether and, if so, which of our advertisements will be displayed to you.
We can therefore commission Google to place advertisements on other websites based on the pages you visited. If you visit another website that participates in Google’s display network, Google can use recognition features and keywords stored for this purpose to determine whether and, if so, which of our ads should be displayed.
If you sign in to Google services with your own credentials or use one or more of your own Google accounts, Google may link the recognition features of different browsers and devices. In this way, Google can also play our advertising campaigns beyond the end device in a targeted manner. However, Google will only do this if you have agreed to this data processing in your dealings with Google.
Your data will be transmitted to Google and stored in the US. An adequate level of data protection is ensured according to Art. 45 para. 1 GDPR because Google is participating in the Privacy Shield Agreement. We have also concluded a contract with Google Inc. (USA) for contract data processing pursuant to Art. 28 GDPR. Accordingly, Google will solely use collected data for the purposes intended, which are to evaluate the use of the website and to compile reports on website activities.You Have the Option to Define Advertising Settings
You can reject your consent to this form of Retargeting advertising on our website given by and via the Cookie banner at any time. To do this, please visit the following website: https://adssettings.google.com/authenticated and change your personalized advertising settings. Please note that these settings may not affect all devices and browsers. If you use a device with your Google Account pseudonymous characteristics might be allocated to your account. To prevent this you have to log out.
Explanation of Data Security Measures Rights as a User
Your Rights as a User
As a website user, the GDPR grants you certain rights when processing your personal data.
1. Right of access (Art. 15 GDPR):
You have the right to obtain confirmation at to whether or not personal data concerning you is being processed, and, where that is the case access to the personal data and the information specified in Art. 15 GDPR.
2. Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer necessary for the intended purpose.
3. Right to restriction of processing (Art. 18 GDPR):
If one of the conditions set forth in Art. 18 GDPR applies, you shall have the right to restrict the processing of your data to mere storage, e.g. if you revoke consent, to the processing, for the duration of a possible examination.
4. Right to data portability (Art. 20 GDPR):
In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.
5. Right to object (Art. 21 GDPR):
If the data is processed pursuant to Art. 6 para. 1 s. 1 lit. f GDPR (data processing for the purposes of the legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process personal data, unless there are demonstrably compelling legitimate grounds for processing, which override the interests, rights and freedoms of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.
6. Right to lodge a complaint with a supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider the processing of the data concerning you infringes data protection regulations. The right to lodge a complaint may be invoked in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.
Contact Details of the Data Protection Officer
Please contact our data protection officer if you have any further questions, suggestions or wishes regarding data protection:
Dr. Uwe Schläger
datenschutz nord GmbH
28217 Bremen, Germany
Telefon: 0049 421 69 66 32 0